I have found that if a connection is initiated on the SSL port but the client does not participate in the SSL handshake, the socket seems to hang around indefinitely. The test I used was to telnet to the secure port without typing/sending any further data.
When doing the same to the non-secure port, the socket will time out according to the connectionTimeout parameter.

I noticed in the code PoolTcpEndPoint.java, in the TcpWorkerThread.runIt() method, that endpoint.setSocketOptions(s) is called after endpoint.getServerSocketFactory().handshake(s). I tried moving the call to setSocketOptions() before handshake() and the SSL socket times out according to the connectionTimeout.

As I am a relatively new Tomcat user, I'm not sure what the impact/implications of this change are. Any feedback, particularly as to whether you agree this is a problem, would be most appreciated.

Thanks in advance,
- Alex
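The ordering described in the message above, as an added example that is not part of the original post and is not Tomcat code: SO_TIMEOUT is set on the accepted socket before the server-side handshake, so a client that connects and stays silent is dropped after the timeout. The class, method and constant names are hypothetical, a plain ServerSocket with a layered SSLSocket stands in for Tomcat's server socket factory, and the default SSLContext is assumed to suffice because the silent client never sends a ClientHello.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketTimeoutException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class HandshakeTimeoutDemo {
    // Assumed value for the demo; stands in for the connector's connectionTimeout.
    static final int CONNECTION_TIMEOUT_MS = 2000;

    /** Returns true if the handshake was abandoned because the peer stayed silent. */
    static boolean handshakeTimesOut(Socket accepted) throws IOException {
        // Set SO_TIMEOUT *before* the handshake so the handshake reads are bounded too.
        // If this is only done afterwards, startHandshake() blocks with no time limit.
        accepted.setSoTimeout(CONNECTION_TIMEOUT_MS);

        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        // Layer TLS over the accepted socket; autoClose=true closes both together.
        try (SSLSocket ssl = (SSLSocket) factory.createSocket(
                accepted, accepted.getInetAddress().getHostAddress(),
                accepted.getPort(), true)) {
            ssl.setUseClientMode(false);   // act as the server side of the handshake
            ssl.startHandshake();          // blocks waiting for the ClientHello
            return false;
        } catch (IOException e) {
            // In case the JSSE provider wraps the timeout in an SSLException,
            // check the cause as well as the exception itself.
            return e instanceof SocketTimeoutException
                    || e.getCause() instanceof SocketTimeoutException;
        }
    }

    public static void main(String[] args) throws IOException {
        try (ServerSocket listener = new ServerSocket(0, 1, InetAddress.getLoopbackAddress());
             // Constructed silent client: connects, then sends nothing (like the telnet test).
             Socket silentClient = new Socket(listener.getInetAddress(), listener.getLocalPort())) {
            long start = System.nanoTime();
            boolean timedOut = handshakeTimesOut(listener.accept());
            long elapsedMs = (System.nanoTime() - start) / 1_000_000;
            System.out.println("handshake timed out: " + timedOut + " after ~" + elapsedMs + " ms");
        }
    }
}
```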